add nova
This commit is contained in:
411
nova/src/Authorizable.php
Normal file
411
nova/src/Authorizable.php
Normal file
@@ -0,0 +1,411 @@
|
||||
<?php
|
||||
|
||||
namespace Laravel\Nova;
|
||||
|
||||
use Illuminate\Auth\Access\AuthorizationException;
|
||||
use Illuminate\Contracts\Auth\Authenticatable;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Illuminate\Support\Str;
|
||||
use Laravel\Nova\Actions\Action;
|
||||
use Laravel\Nova\Actions\DestructiveAction;
|
||||
use Laravel\Nova\Contracts\ImpersonatesUsers;
|
||||
use Laravel\Nova\Http\Requests\NovaRequest;
|
||||
|
||||
trait Authorizable
|
||||
{
|
||||
/**
|
||||
* Determine if the given resource is authorizable.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public static function authorizable()
|
||||
{
|
||||
return ! is_null(Gate::getPolicyFor(static::newModel()));
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the resource should be available for the given request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeToViewAny(Request $request)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor(static::newModel());
|
||||
|
||||
if (! is_null($gate) && method_exists($gate, 'viewAny')) {
|
||||
$this->authorizeTo($request, 'viewAny');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the resource should be available for the given request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public static function authorizedToViewAny(Request $request)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor(static::newModel());
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, 'viewAny')
|
||||
? Gate::forUser(Nova::user($request))->check('viewAny', get_class(static::newModel()))
|
||||
: true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can view the given resource or throw an exception.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeToView(Request $request)
|
||||
{
|
||||
$this->authorizeTo($request, 'view');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can view the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToView(Request $request)
|
||||
{
|
||||
return $this->authorizedTo($request, 'view');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can create new resources or throw an exception.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public static function authorizeToCreate(Request $request)
|
||||
{
|
||||
throw_unless(static::authorizedToCreate($request), AuthorizationException::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can create new resources.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public static function authorizedToCreate(Request $request)
|
||||
{
|
||||
if (static::authorizable()) {
|
||||
return Gate::forUser(Nova::user($request))->check('create', get_class(static::newModel()));
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can update the given resource or throw an exception.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeToUpdate(Request $request)
|
||||
{
|
||||
$this->authorizeTo($request, 'update');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can update the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToUpdate(Request $request)
|
||||
{
|
||||
return $this->authorizedTo($request, 'update');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can replicate the given resource or throw an exception.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeToReplicate(Request $request)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor(static::newModel());
|
||||
|
||||
if (! is_null($gate) && method_exists($gate, 'replicate')) {
|
||||
$this->authorizeTo($request, 'replicate');
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$this->authorizeToCreate($request);
|
||||
$this->authorizeToUpdate($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can replicate the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToReplicate(Request $request)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor(static::newModel());
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, 'replicate')
|
||||
? Gate::forUser(Nova::user($request))->check('replicate', $this->model())
|
||||
: $this->authorizedToCreate($request) && $this->authorizedToUpdate($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can delete the given resource or throw an exception.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeToDelete(Request $request)
|
||||
{
|
||||
$this->authorizeTo($request, 'delete');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can delete the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToDelete(Request $request)
|
||||
{
|
||||
return $this->authorizedTo($request, 'delete');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can restore the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToRestore(Request $request)
|
||||
{
|
||||
return $this->authorizedTo($request, 'restore');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can force delete the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToForceDelete(Request $request)
|
||||
{
|
||||
return $this->authorizedTo($request, 'forceDelete');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can add / associate models of the given type to the resource.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Illuminate\Database\Eloquent\Model|string $model
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToAdd(NovaRequest $request, $model)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
$method = 'add'.class_basename($model);
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, $this->model())
|
||||
: true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can attach any models of the given type to the resource.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Illuminate\Database\Eloquent\Model|string $model
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToAttachAny(NovaRequest $request, $model)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
$method = 'attachAny'.Str::singular(class_basename($model));
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, [$this->model()])
|
||||
: true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can attach models of the given type to the resource.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Illuminate\Database\Eloquent\Model|string $model
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToAttach(NovaRequest $request, $model)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
$method = 'attach'.Str::singular(class_basename($model));
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, [$this->model(), $model])
|
||||
: true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can detach models of the given type to the resource.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Illuminate\Database\Eloquent\Model|string $model
|
||||
* @param string $relationship
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToDetach(NovaRequest $request, $model, $relationship)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
$method = 'detach'.Str::singular(class_basename($model));
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, [$this->model(), $model])
|
||||
: true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can run the given action.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Laravel\Nova\Actions\Action $action
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToRunAction(NovaRequest $request, Action $action)
|
||||
{
|
||||
if ($action instanceof DestructiveAction) {
|
||||
return $this->authorizedToRunDestructiveAction($request, $action);
|
||||
}
|
||||
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
|
||||
$method = 'runAction';
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, [$this->model(), $action])
|
||||
: $this->authorizedToUpdate($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the user can run the given action.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @param \Laravel\Nova\Actions\DestructiveAction $action
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToRunDestructiveAction(NovaRequest $request, DestructiveAction $action)
|
||||
{
|
||||
if (! static::authorizable()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$gate = Gate::getPolicyFor($this->model());
|
||||
|
||||
$method = 'runDestructiveAction';
|
||||
|
||||
return ! is_null($gate) && method_exists($gate, $method)
|
||||
? Gate::forUser(Nova::user($request))->check($method, [$this->model(), $action])
|
||||
: $this->authorizedToDelete($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can impersonate the given resource.
|
||||
*
|
||||
* @param \Laravel\Nova\Http\Requests\NovaRequest $request
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedToImpersonate(NovaRequest $request)
|
||||
{
|
||||
$user = Nova::user($request);
|
||||
|
||||
return app(ImpersonatesUsers::class)->impersonating($request) === false
|
||||
&& ! $this->resource->is($user)
|
||||
&& $this->resource instanceof Authenticatable
|
||||
&& (method_exists($this->resource, 'canBeImpersonated') && $this->resource->canBeImpersonated() === true)
|
||||
&& (method_exists($user, 'canImpersonate') && $user->canImpersonate() === true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user has a given ability.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param string $ability
|
||||
* @return void
|
||||
*
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function authorizeTo(Request $request, $ability)
|
||||
{
|
||||
if (static::authorizable()) {
|
||||
Gate::forUser(Nova::user($request))->authorize($ability, $this->resource);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current user can view the given resource.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param string $ability
|
||||
* @return bool
|
||||
*/
|
||||
public function authorizedTo(Request $request, $ability)
|
||||
{
|
||||
return static::authorizable() ? Gate::forUser(Nova::user($request))->check($ability, $this->resource) : true;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user